﻿// --------------------------------------------------------------------------------------------------------------------
// <copyright file="Authorization.cs" company="Anton Frattaroli">
//   Copyright (c) Anton Frattaroli. All rights reserved.
// </copyright>
// <summary>
//   Defines the Authorization class.
// </summary>
// --------------------------------------------------------------------------------------------------------------------
namespace Lidocaine.Data
{
    using System.Data;
    using System.Data.SqlClient;
    using Lidocaine.BusinessObjects;

    /// <summary>
    /// The Authorization class.
    /// </summary>
    public static class Authorization
    {
        public static void Insert(Source itemType, int itemID, PermissionAllowType allowType, int allowID)
        {
            using (SqlConnection conn = new SqlConnection(Environment.ConnectionString))
            {
                conn.Open();
                using (SqlCommand cmd = new SqlCommand("Lidocaine.InsertPermission", conn))
                {
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.AddWithValue("@PermissionItemType", itemType);
                    cmd.Parameters.AddWithValue("@PermissionItemID", itemID);
                    cmd.Parameters.AddWithValue("@PermissionAllowType", allowType);
                    cmd.Parameters.AddWithValue("@PermissionAllowID", allowID);
                    cmd.ExecuteNonQuery();
                }
            }
        }

        public static void Delete(int permissionId)
        {
            using (SqlConnection conn = new SqlConnection(Environment.ConnectionString))
            {
                conn.Open();
                using (SqlCommand cmd = new SqlCommand("Lidocaine.RemovePermissions", conn))
                {
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.AddWithValue("@PermissionID", permissionId);
                    cmd.ExecuteNonQuery();
                }
            }
        }
    }
}